Re: [Full-disclosure] Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of, Service Vulnerability

Well you said it: "DoS Vulnerability"
And stills a vulnerability, useless yes, but a vulnerability.


2009/2/25, Jubei Trippataka <vpn.1.fanatic@xxxxxxxxx>:
Why does the industry incessantly call any bug a "DoS Vulnerability". Why
are these bugs even published to a security mailing list and not privately
dealt with by the vendor? Just because a bug class can crash an application
doesn't make it a security issue.

Does this frustrate anyone else?



Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Relevant Pages

  • [Full-Disclosure] Re: its all about timing
    ... >hunters, sure don't sound like they need some else telling them what ... I think it's because there are more "consumers" of vulnerability ... to remove those bugs from their vulnerable systems. ... responsible for the security of large, ...
  • RE: PHPNuke SQL Injection
    ... I don't like to claim for the authory of bugs, ... I contacted Francisco Bucci,the author of PhpNuke and I suggested ... PHPNUKE is_user || is_admin VULNERABILITY ... using base64 so the "magic quotes" protection of PHP is not working. ...
  • Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability)
    ... I would prefer the details of each vulnerability and how to protect against ... I'm off to the office to burn that Bin Laden bible "The Guide to VMS ... little How-to-Hack guide? ... Decimation of testing staff means no more bugs ...
  • Re: Mac Hacked by QuickTime Bug "As Serious as ANI"
    ... lead to system hijacking, she said—much the same as the Windows ANI ... it's still a serious vulnerability. ... A major problem with the article is that Safari bugs were identified as OS bugs while QuickTime bugs were not. ...
  • vpopmail <= 5.4.2 (sybase vulnerability)
    ... format string and buffer overflow (sybase) ... Two vulnerability: format string and buffer overflow. ... To avoid this bugs, you must use snprintfwith format like "%s". ...